A unique security problem exists in cellular telephones, which does not exist in ordinary telephones, and which is based on the anonymity of callers who use cellular telephones. In ordinary telephones, the callers are not considered anonymous, because telephone lines are always connected to identifiable premises, such as a house or an office. The party in possession of the premises is held responsible for the telephone calls, irrespective of who actually makes calls on the lines.
However, in cellular telephones, no such physical connections exist. Consequently, it is difficult, if not impossible, to identify a person making a cellular call. Nevertheless, procedures are undertaken to assure that only authorized persons are allowed to make calls.
As one example of such procedures, cellular telephones are assigned serial numbers at the time of their manufacture. When a person subscribes to cellular telephone service, an Authorization Key, or A.sub.13 Key, is assigned to the cellular telephone. The cellular telephone stores both the serial number, and the A.sub.13 Key.
When a person places a call, the cellular telephone first transmits a message to a cellular service provider, seeking authorization. This message includes both the serial number and the A.sub.13 Key, in encrypted format. The cellular service provider then ascertains whether the A.sub.13 Key has, in fact, been assigned to the serial number, and, if so, proceeds in completing the call. If not, the call is rejected.
However, great care must be taken to prevent hackers from obtaining knowledge of the A.sub.13 Keys which are assigned to the serial numbers. For example, if a hacker learns of a serial-number/A.sub.13 Key pair, then the hacker can undertake the authorization requests discussed above, and obtain cellular telephone service illegally.
It can be argued that the security procedures in common use do not provide maximum protection of the A.sub.13 Key assignments.